Due to February having a precise length of four weeks this year, we once again saw the coincidence of Firefox and Microsoft updates occurring last month.
During this time, Microsoft had to address three zero-day vulnerabilities. These refer to security weaknesses that cybercriminals discover and exploit in real-world attacks before any patches are available. The term zero-day serves as a reminder that even those who are most progressive and proactive with patching have no opportunity to stay ahead of the attackers.
As we move into March 2023, there are two zero-day fixes to deal with – one in Outlook and the other in Windows SmartScreen.
What’s interesting about the Outlook vulnerability is that it was discovered in the wild and was reported by Microsoft as “Exploitation Detected.” It is jointly credited to CERT-UA (the Ukrainian Computer Emergency Response Team), Microsoft Incident Response, and Microsoft Threat Intelligence.